- remove it fully (as per original author). It is no more needed - use alternate cdns (from fastly or cloudflare)
Also as a good practice, use SRI (though it wouldn’t have helped in this attack)
I posted a note here: https://cpn.jjude.com/@jjude/statuses/01J195H28FZWJTN7EKT9JW...
Please add any actions that devs and non-devs can take to mitigate this attack.
- remove it fully (as per original author). It is no more needed - use alternate cdns (from fastly or cloudflare)
Also as a good practice, use SRI (though it wouldn’t have helped in this attack)
I posted a note here: https://cpn.jjude.com/@jjude/statuses/01J195H28FZWJTN7EKT9JW...
Please add any actions that devs and non-devs can take to mitigate this attack.